Lucene search
K

186 matches found

OSV
OSV
added 5 days ago2 views

CVE-2026-57215 RabbitMQ: Direct-reply-to binding persistence can lead to unauthorized reply-channel injection and persistent phantom

RabbitMQ is a messaging and streaming broker. Prior to 3.13.15, 4.0.20, 4.1.11, and 4.2.6, RabbitMQ allows foreign bindings to amq.rabbitmq.reply-to destinations because volatile direct-reply-to queues can be accepted at bind and route time but are missing from Khepri-backed deletion checks,...

7CVSS6.1AI score0.00349EPSS
Exploits1References8
RedhatCVE
RedhatCVE
added 2026/07/01 5:1 p.m.7 views

CVE-2026-53339

A flaw was found in the Linux kernel's i2c-qcom-cci driver. This vulnerability occurs when the device unbinding or driver removal process is initiated on systems where only one I2C master is initialized, despite the Qualcomm CCI controller providing two. This can lead to a NULL pointer dereferenc...

5.5CVSS5.8AI score0.00164EPSS
Exploits0References4
NVD
NVD
added 2026/07/01 2:16 p.m.5 views

CVE-2026-53339

In the Linux kernel, the following vulnerability has been resolved: i2c: qcom-cci: Fix NULL pointer dereference in cciremove On all modern platforms Qualcomm CCI controller provides two I2C masters, and on particular boards only one I2C master may be initialized, and in such cases the device...

0.00164EPSS
Exploits0References8
Tenable Nessus
Tenable Nessus
added 2026/06/30 12:0 a.m.9 views

Linux Distros Unpatched Vulnerability : CVE-2026-53305

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - usb: typec: ps883x: Fix Oops at unbind When trying to unbind a device in order to bind to it vfio-platform as: echo bc0000.geniqup...

5.5CVSS6AI score0.00121EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/06/25 5:47 p.m.6 views

CVE-2026-53270

A flaw was found in the Linux kernel's IP Virtual Server IPVS component. During the ipvseditservice operation, the svc-scheduler pointer is cleared too late when unbinding an old scheduler. This improper handling allows packets to access previously freed scheduler data, leading to a use-after-fre...

7.8CVSS5.8AI score0.00129EPSS
Exploits0References4
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.9 views

Astra Linux – Vulnerability in Linux 6.12

In the Linux kernel, the following vulnerabilities have been resolved: media: v4l2-async: Fixed error handling after finding a match. Once an async connection is found to match an fwnode, a sub-device may be registered if it wasn’t already. Its binding operation is performed, auxiliary links are...

5.5CVSS6AI score0.00127EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.8 views

Astra Linux – Vulnerability in Linux 6.12

In the Linux kernel, the following vulnerabilities have been resolved: accel/ivpu: Fixed a race condition when unbinding BOs. Fixed a warning stating “Memory manager not cleaned during takedown” that occurs when ivpugembofree removes a BO from the BOs list before it is unmapped. This issue caused...

4.7CVSS6AI score0.00086EPSS
Exploits0References3
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.12 views

Astra Linux – Vulnerability in Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: reset: gpio: Suppressing the bind attributes in sysfs. This is a special device that is created dynamically and is supposed to remain in memory forever. Currently, there is no devlink between this device and the actual reset...

7.8CVSS5.8AI score0.00134EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.5 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerabilities have been resolved: drm/imx/tve: fixed the probe device leak. Make sure to remove the reference to the DDC device during probe operations when there is a probe failure e.g., probe deferral, as well as during the driver unbinding process...

5.5CVSS6AI score0.00115EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/06/08 12:0 a.m.10 views

Linux kernel 安全漏洞

The Linux kernel is the kernel used by the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the spigot topcliff-pch driver releasing and reusing resources after unbinding them. This...

7.8CVSS5.3AI score0.00117EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/06/05 7:20 p.m.13 views

CVE-2026-50212

Weak validation logic within device dissociation API routines allows a remote entity to forcefully unbind unrelated user endpoints, causing severe denial of service...

7.1CVSS5.5AI score0.00165EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/04 7:32 a.m.8 views

CVE-2026-50212 Arbitrary Remote Device Unbinding

Weak validation logic within device dissociation API routines allows a remote entity to forcefully unbind unrelated user endpoints, causing severe denial of service...

7.1CVSS5.8AI score0.00165EPSS
Exploits0References1
CVE
CVE
added 2026/06/04 7:32 a.m.25 views

CVE-2026-50212

CVE-2026-50212 concerns weak validation logic in the device dissociation API routines, allowing a remote attacker to forcefully unbind unrelated user endpoints and cause denial of service. The NVD entry cites a CVSS v4.0 base score of 7.1 (HIGH), adjacent attack vector, low complexity, no user in...

7.1CVSS5.8AI score0.00165EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2026/06/04 7:32 a.m.42 views

CVE-2026-50212 Arbitrary Remote Device Unbinding

Weak validation logic within device dissociation API routines allows a remote entity to forcefully unbind unrelated user endpoints, causing severe denial of service...

7.1CVSS0.00165EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/28 12:0 a.m.11 views

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the SPI Cadence-QuadSPI driver failing to ensure that the controller remains awake during...

5.8AI score0.00131EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/05/28 12:0 a.m.17 views

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the fact that the SPI/RSPI controller releases underlying resources such as DMA without properly...

5.8AI score0.00119EPSS
Exploits0References5
CNNVD
CNNVD
added 2026/05/28 12:0 a.m.12 views

Linux kernel 安全漏洞

The Linux kernel is the kernel used by the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the fact that the state machine’s operation is not canceled after unbinding in the spi...

5.8AI score0.00135EPSS
Exploits0References5
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: Memory: mtk-smi – fixed device leaks during the common probe. Make sure to remove the references made when checking the SMI device during a common probe after a late probe failure e.g., probe deferral, as well as during driver...

5.5CVSS5.7AI score0.00128EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: GPIO: sysfs: fix the issue where removing a chip with GPIOs exported through sysfs occurs. Currently, if we export a GPIO through sysfs and unbind the parent GPIO controller, the exported attribute will remain under...

5.5CVSS5.4AI score0.00126EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.7 views

Astra Linux – Vulnerability in Linux, Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: iwlwifi: fix use-after-free If no firmware was present at all or, presumably, all of the firmware files failed to parse, we end up unbinding the driver by calling devicereleasedriver, which calls remove. This then calls iwldrvsto...

7.8CVSS6.3AI score0.00242EPSS
Exploits0References2
Rows per page
Query Builder